On Thu, Mar 15, 2007 at 01:22:37PM +0900, Bill Kelly wrote:
> From: "Chad Perrin" <perrin / apotheon.com>
> >On Thu, Mar 15, 2007 at 11:45:31AM +0900, Bill Kelly wrote:
> 
> >>So we're left with either enacting hacky workarounds to
> >>mitigate the security flaws, or disabling key features of
> >>the mod, or not allowing the mod to be played anymore at
> >>all on our servers... or maybe hacking the binary--which
> >>no-one has time for.
> >
> >The same line applies to that as to the GPL: you don't have to use it if
> >you don't want to abide by the license terms.  Frankly, I think that's a
> >sucky way to approach it, but I think it's sucky whether you're talking
> >about the GPL or unreleased copyrighted works.
> 
> I'm not sure whether I understand your point here, or not.
> We have binaries that are essentially bit-rotting.  The 
> difference between source availability and binary availability
> here is all that seems germane to the particular situation I'm
> trying to describe.
> 
> I can see how "you don't have to use it" might apply (and
> how GPL advocates might also use that argument in other
> contexts), but my assessment of our current situation (in the
> Q2 community) is that we would have been better served by a
> license that ensured that derivative works of open source
> works *stayed* open source.  (Whatever license offered that
> particular protection/limitation.)

Sorry, I think I got a little snarky there.  That was sort of a
general-purpose response to the commonly offered suggestion that the GPL
is the perfect license because if I don't want to use the GPL I can just
avoid GPLed software when doing development.  The same, of course,
applies to proprietary software -- which makes it pretty obvious that
the choice to avoid a given license doesn't make that license any better
or less flawed.

In other words, that wasn't really a response to what you said.


> 
> >>From my point of view, we have a very concrete example
> >>of a case where after a decade, it's become apparent that
> >>a license that would have required the source stay open
> >>would have been far preferable to one that allowed what
> >>was originally open source to become closed source.
> >
> >Are you talking about the software being offered under an open source
> >license, or are you talking about the source being forced into public
> >accessibility by licensing?  You aren't exactly clear on that score.
> 
> Well; (I'm re-reading your earlier post about Linux LiveCD's)...
> 
> To approach it from the inside-out, I'm saying that something
> would have to have been different to avoid the situation we now
> find ourselves in, where we have bit-rotting closed-source
> binaries that are derivative works of an originally open source
> release from the manufacturer.
> 
> So, I guess must be talking about, in some way, the source 
> being forced into public accessibility by licensing.
> 
> But: in practical terms, after a decade, source often seems to
> be available (mirrored with the binary) in cases where the
> authors of the mod _originally_ chose to release the source with
> their binary.  The cases where we can't find source code are
> typically those where source was _never_ released.
> 
> I realize things get sticky where one tries to place limits
> on how long the mod author must provide a link to the source
> code.  And not everybody wants to download the source with
> the binary.  I think I understand your Linux LiveCD point;
> (although I must admit, with terabyte hard drives these days
> I'd think one could manage to keep every release around in
> gzipped source form for three years...)
> 
> I dunno; I'm not suggesting a perfect solution exists; I'm
> just saying we have real-life issues with closed source
> binaries in the Q2 community.  And these are issues I felt
> the GPL (or some other license meeting the appropriate
> criteria) would have solved/prevented.

So would any number of other possible solutions, such as reimplementing
the same stuff and releasing the source so that the closed source
version is obsolesced, refusing to use the closed source version in the
first place, a little bit more social pressure on the guy unwilling to
open the source, and so on.  Part of the problem, I think, is that
people probably haven't really considered all the possible reasons for
the source not being divulged.  For instance, it may contain code that
was written by someone else, and the developer may have plagiarized it,
and not want anyone to know.  Who knows what the reason is?  There may
be a perfectly rational -- if perfectly despicable -- motivation
involved.

In any case, if you want something under an open source license badly
enough, and there's no way to get the existing version's source
released, the obvious solution seems to be to reimplement it -- but do a
better job of it.  One of the problems I have with the GPL is that it
reduces the ability of a reimplimentation under another license to
"catch on", in large part thanks to the fame imparted on it by the
successes of some software projects that bear the GPL.  The same
deterrents do not apply to closed-source software.

-- 
CCD CopyWrite Chad Perrin [ http://ccd.apotheon.org ]
"Real ugliness is not harsh-looking syntax, but having to
build programs out of the wrong concepts." - Paul Graham